[sanesecurity] Re: Unix::Syslog.3pm.gz detected as Sanesecurity.Lott.668.UNOFFICIAL
- From: "McDonald, Dan" <Dan.McDonald@xxxxxxxxxxxxxxxx>
- To: <sanesecurity@xxxxxxxxxxxxx>
- Date: Fri, 30 Jan 2009 07:15:27 -0600
On Fri, 2009-01-30 at 10:32 +0100, Peter Boosten wrote:
> Steve Basford wrote:
> >> Hmmm, Interesting to see how a phrase like "sbhagnva gehfg ybggrel /
> >> 2012 bylzcvp va ybaqba" became part of Unix::Syslog.3pm.gz..
> > Note: rot13 encoded text between quotes
>
> Hmmm, you're absolutely right, of course... silly me.
For what it's worth, the file is clean on my distro, but it is bzip2'ed
instead of gzipped...
[]$ clamscan /usr/share/man/man3/Unix::Syslog.3pm.bz2
/usr/share/man/man3/Unix::Syslog.3pm.bz2: OK
----------- SCAN SUMMARY -----------
Known viruses: 1066180
Engine version: 0.94.2
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.01 MB
Time: 2.963 sec (0 m 2 s)
[]$ rpm -qf /usr/share/man/man3/Unix::Syslog.3pm.bz2
perl-Unix-Syslog-0.100-2mdk
[]$ rpm -qi perl-Unix-Syslog-0.100-2mdk
Name : perl-Unix-Syslog Relocations: (not relocatable)
Version : 0.100 Vendor: Mandrakesoft
Release : 2mdk Build Date: Tue 16 Nov 2004
04:03:19 AM CST
Install Date: Fri 15 Aug 2008 09:21:53 AM CDT Build Host:
n1.mandrakesoft.com
Group : Development/Perl Source RPM:
perl-Unix-Syslog-0.100-2mdk.src.rpm
Size : 29340 License: GPL
Signature : DSA/SHA1, Fri 02 Jun 2006 12:03:59 PM CDT, Key ID 19c8e11fdb032a8a
Packager : Rafael Garcia-Suarez <rgarciasuarez@xxxxxxxxxxxxxxxx>
URL : http://www.cpan.org/
Summary : Perl interface to the UNIX system logger
Description :
This module provides access to the system logger available on most
UNIX systems via perl XSUBs (perl's C interface).
--
Daniel J McDonald, CCIE #2495, CISSP #78281, CNX
Austin Energy
http://www.austinenergy.com
Other related posts:
